What is the Government Doing to Keep Users Safe Online? - FTC, Other Agencies Wage War against Zombie Spam PCs

(Page 3 of 4 )

To a responsible Web surfer, it sounds like a scene right out of a horror movie: malicious hackers taking over computers and forcing these electronic zombies to repeatedly send millions of pieces of spam, all without the owner’s knowledge or consent. Most spam is an attempt to swindle the victim out of their money, usually with some sort of business fraud. The fraud aspect makes fighting spam a job for the Federal Trade Commission. The international nature of spam, however, makes it too big for just one government organization to try to combat.

Fortunately, the FTC is not alone. The commission recently joined with 35 government partners from more than 20 countries to launch “Operation Spam Zombies,” a campaign to educate ISPs and other Internet connectivity providers about zombie computers. In the first phase of the operation, participants will send letters to more than 3,000 ISPs worldwide, explaining the problem and urging them to take protective measures. The letter’s recommendations include:

Block port 25 when possible.

Apply rate-limiting controls for email relays.

Identify computers that are sending atypical amounts of email and take steps to determine whether the computer is acting as a spam zombie. When necessary, quarantine the affected computer until the source of the problem is removed.

Provide plain-language information for customers on how to keep their home computers secure.

Provide or point customers to easy-to-use tools to remove zombie code if their computers become infected.

In the second phase of the operation, likely spam zombies around the world will be identified, as well as the providers that operate the networks that are hosting them. The partners of the operation will then notify these providers of the problem and urge them to take corrective measures. Those looking for more information about Operation Spam Zombies can point their browsers to http://www.ftc.gov/bcp/conline/edcams/spam/zombie/index.htm.

The list of participants is long and quite respectable. In addition to the FTC, it features the Department of Commerce and the Department of Homeland Security from the U.S., and 33 agencies from Albania, Argentina, Australia, Belgium, Bulgaria, Canada, Colombia, Cyprus, Denmark, Germany, Greece, Ireland, Japan, Korea, Lithuania, Malaysia, Netherlands, Norway, Panama, Peru, Poland, Spain, Switzerland, Taiwan, and the United Kingdom. Conspicuous by their absence are China and Russia, countries believed to be the origin of much of the spam sent throughout the world.